CVE-2025-30722

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

History

27 Jun 2025, 16:03

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
First Time Oracle mysql Cluster
Oracle mysql Client
Netapp active Iq Unified Manager
Netapp
Oracle
Netapp snapcenter
CWE NVD-CWE-noinfo
References () https://www.oracle.com/security-alerts/cpuapr2025.html - () https://www.oracle.com/security-alerts/cpuapr2025.html - Vendor Advisory
References () https://security.netapp.com/advisory/ntap-20250418-0005/ - () https://security.netapp.com/advisory/ntap-20250418-0005/ - Third Party Advisory

19 Apr 2025, 01:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20250418-0005/ -

16 Apr 2025, 13:25

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad en el producto Cliente MySQL de Oracle MySQL (componente: Cliente: mysqldump). Las versiones compatibles afectadas son 8.0.0-8.0.41, 8.4.0-8.4.4 y 9.0.0-9.2.0. Esta vulnerabilidad, difícil de explotar, permite a un atacante con pocos privilegios y acceso a la red a través de múltiples protocolos comprometer el Cliente MySQL. Los ataques con éxito pueden resultar en acceso no autorizado a datos críticos o acceso completo a todos los datos accesibles del Cliente MySQL, así como acceso no autorizado a actualizaciones, inserciones o eliminaciones de algunos datos accesibles del Cliente MySQL. Puntuación base de CVSS 3.1: 5.9 (Afecta a la confidencialidad y la integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).

15 Apr 2025, 21:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-15 21:16

Updated : 2025-06-27 16:03


NVD link : CVE-2025-30722

Mitre link : CVE-2025-30722

CVE.ORG link : CVE-2025-30722


JSON object : View

Products Affected

netapp

  • snapcenter
  • active_iq_unified_manager

oracle

  • mysql_cluster
  • mysql_client